The present invention relates to session control on the Internet and to a communication system, a session control management server, and a connection control method for performing connection processing when a request to connect to a disconnected Internet connection line is received.
Today, widespread use of high-speed access lines such as FTTH (Fiber To The Home) provides a high-speed Internet access environment and, at the same time, communication carriers and ISPs (Internet Service Provider) provide the IP phone service over the Internet.
Although the network configuration differs according to the communication carrier and the ISP, two separate networks are built, one for an Internet connection and the other for the IP phone network, and two IP addresses are assigned to the user, one for an Internet access and the other for an IP phone, to increase the communication quality of the IP phone service.
Therefore, to acquire the IP address for an Internet access and the IP address for an IP phone, a router such as a Broadband Router (BBR) installed in a user's home or a company must perform protocol processing, such as PPP (Point to Point Protocol), PPPoE (PPP over Ethernet) (Ethernet is a registered trademark), or DHCP (Dynamic Host Configuration Protocol), individually for the GW (GateWay) installed on the communication carrier side or the ISP side.
Similarly, for a VPN (VIRTUAL Private Network) connection, protocols such as L2TP (Layer 2 Tunneling Protocol) and IPsec (IP Security Protocol) are used to perform the connection processing.
In the Internet connection service, when a terminal such as a home PC accesses a web server or a mail server on the Internet and, at this time, if a router such as a BBR is connected to the communication carrier or the ISP and has already acquired an IP address, the router transfers the packets immediately. However, if the router is not connected to the communication carrier or the ISP and has not yet acquired an IP address, the router cannot transfer the packets. In this case, the router connects to the communication carrier or the ISP via PPP and, after acquiring an IP address, transfers the packets. After that, when the non-communication monitoring time that is set in advance in the router has elapsed, the router automatically disconnects from the communication carrier or the ISP to prevent an always-on connection state. This processing method prevents a wasteful, long connection and, at the same time, improves security against an attack, such as a DoS attack (Denial of Service attack) from the Internet side, or an unwanted access.
When a public web server is installed, the FQDN (Fully Qualified Domain Name), which can be identified by the URL, and the acquired IP address are registered in the DNS (Domain Name System) server using the dynamic DNS(Dynamic Updates in the Domain Name System) to allow the server to be accessed from the terminals on the Internet side using the URL (Uniform Resource Locator). By dosing so, the public web server may be accessed from the Internet side.
When a public web server is installed, security measures against a DoS attack are taken, for example, by the FW (FireWall), because the public web server is always on to always allow access from the Internet side.
In the IP phone service, VoIP (Voice over IP) communication is performed in which a communication path (session) is first established between the terminals before the communication is started and then voice data is transferred using RTP (RealTime Transport Protocol) packets.
As the primary session control protocols for establishing and disconnecting a session between terminals, the specifications for SIP (Session Initiation Protocol), MGCP (Media Gateway Control Protocol), and H.248 have been prepared. For example, SIP-based session control between terminals is performed primarily via the SIP server.
A SIP message is composed of the start line and the header, via which request information or response information is transferred, and the message body in which the session content is described. For example, SDP (Session Description Protocol) is used for describing the session content, and the other party of the communication is identified by the request URI (Uniform Resource Identifier) described in the start line. During the session establishment process, the RTP packet communication condition between the terminals, such as the protocol for calling the receiver and for transmitting voices and videos, the bit rate, and so on, are determined.
In the IP phone service, an always-on session is maintained in many cases to respond to an incoming message from IP phone terminals on the Internet side.
Several methods are proposed for connecting to the Internet or to a destination terminal through the cooperation of DNS and SIP. For example, JP-A-2006-109316 discloses a technology that, when transmitting an access request from a LAN terminal to the other terminal of the communication, the LAN terminal transmits the request to the GW and, upon receiving the request, the GW performs the name resolution of the other terminal of the communication via DNS. At this time, the GW identifies if the connection destination information included in the query message is an FQDN or a URI such as an IP phone number. If the connection destination information is an FQDN, the GW transfers the query to the DNS server for name resolution and, at the same time, performs the IPsec connection processing for the other terminal of the communication. If the connection destination information is a URI, the GW performs SIP-based connection processing for the other terminal of the communication. In this way, the communication line is connected when an access request is issued from a LAN terminal to the other terminal of the communication.
For example, JP-A-2006-352753 discloses a technology in which, when an access request is made from a PC to a PC at the other end and the application installed in the PC performs the name resolution of the other PC via DNS, the protocol conversion processing program installed in the same PC first performs the DNS-SIP conversion processing and then calls the SIP server to request it to perform the name resolution processing. In this way, the PC performs communication with the other PC of the communication.
For example, JP-A-2008-219723 discloses a technology in which, when an access request is made from a client terminal to a web server and the application installed in the PC performs the name resolution of the PC at the other end via DNS, the session control means installed in the same PC first performs name resolution via the DNS server. If it is determined that the name is not resolved, the session control means requests the SIP service registration server to resolve the name and, in addition, performs the SIP-based connection processing for the web server. In this way, when an access request is made from a client terminal to a web server, the communication line is connected.